The comprehensive and cost-effective enterprise mobility solution

Capabilities

Consistent identity

With the proliferation of consumer devices in the corporate world and the ease of adoption that cloud-based SaaS applications offer, maintaining control of users’ access to applications across both internal datacenters and cloud platforms has become a significant challenge. Enterprise Mobility Suite empowers users with single sign-on for access to all their corporate resources across the datacenter and in the cloud with powerful identity and access management capabilities.

Discover which SaaS applications are used in your organization with Azure Cloud App Discovery

Create and manage a single identity for each user across all your directories, keeping attributes in sync and providing single sign-on for users

Sync user identities between your on-premises directories and Azure Active Directory for a single identity across all corporate resources in the datacenter and cloud

When needed, leverage identity federation to maintain all authentication against your on-premises directory

Self-service identity management

IT resources are a precious commodity. Enabling your end users to accomplish tasks without a call to the help desk is a great way to conserve these resources.

Keep users productive with self-service password reset for both on-premises and cloud-based directories

Simplify day-to-day administration of groups and access to group-associated applications by enabling users to create groups, request access to other groups, delegate group ownership so others can approve requests and maintain their group’s memberships

Advanced identity security

Monitor and protect access to your cloud applications by viewing detailed reports showing more advanced anomalies and inconsistent access pattern reports. Advanced reports are machine learning-based and can help you gain new insights to improve access security and respond to potential threats

Multi-factor authentication can help you to secure access to on-premises applications (VPN, RADIUS, etc.), Azure, Microsoft Online Services like Office 365 and Dynamics CRM Online, and thousands of non-MS cloud services pre-integrated with Azure Active Directory. Simply enable multi-factor authentication for Azure Active Directory identities, and users will be prompted to set up additional verification the next time they sign in

Mobile device management (MDM)

With the increasing volume and diversity of corporate and personal devices being used in organizations today, a growing challenge for IT departments is keeping corporate information secure. Enterprise Mobility Suite helps minimize complexity by offering mobile device management through the cloud with integrated data protection and compliance capabilities.

Provide a self-service company portal for users to enroll their own devices and install corporate applications across the most popular mobile platforms

Deliver comprehensive settings management for mobile devices, enabling the execution of remote actions such as passcode reset, device lock, data encryption, and full wipe to protect corporate data on lost or stolen devices

Protect corporate data by restricting access to Exchange email and OneDrive for business documents based upon policies set by the administrator when a user tries to access resources on an unenrolled or non-compliant device

Simplify enrollment of corporate devices with bulk enrollment using Apple Configurator or a single service account, enabling IT administrators to set policies and deploy applications on a large scale

Streamline the enrollment and management of iOS devices purchased directly from Apple with the Device Enrollment Program (DEP)

Mobile application management (MAM)

Employees are demanding access to corporate applications, data, and resources from their mobile devices. Enterprise Mobility Suite addresses this challenge by building manageability and data protection directly into the Office mobile apps your employees are most familiar with. Enterprise Mobility Suite also provides the flexibility to extend these capabilities to existing line-of-business apps and to enable secure viewing of content using the Managed Browser, PDF Viewer, AV Player, and Image Viewer apps.

Enable your workforce to securely access corporate information using the Office mobile apps they know and love while preventing leakage of your company's data by restricting actions such as copy/cut/paste/save in your managed app ecosystem

Apply the same management policies to your existing line-of-business (LOB) applications using the Intune App Wrapping tool, without requiring code changes in those LOB apps

Allow administrators and device users to protect corporate information through selective wipe of managed apps and related data when a device is unenrolled, no longer compliant, lost, stolen, or retired from use

Enable administrators to push required apps automatically during enrollment and allow users to easily install corporate apps from the self-service company portal

Provide the ability to deny specific applications or URL addresses from being accessed on mobile devices

PC management

As the number of device types allowed in corporate environments grows, management becomes more challenging. Intune provides a comprehensive management solution through a single administrative console that allows you to manage across a variety of devices, including PCs and laptops.

Integrate your existing System Center 2012 Configuration Manager infrastructure with Intune, further enhancing your ability to manage PCs, Macs, and Unix/Linux servers, as well as mobile devices from a single management console, while building on existing investments and skills

Protect your corporate data

Enable encryption and authorization policies to help secure your files and email across multiple devices—phones, tablets, and PCs. Information can be protected both within your organization and outside your organization because that protection remains with the data, even when it leaves your organization’s boundaries.